CVE-2007-5936: Low severity Tug Texlive 2007 vulnerability
Description of problem:
Dvips uses insecure tmpnam() function to create files for temporary data while converting a DVI file to laser jet printer format. A local attacker could conduct a time-dependent attack by creating the files before dviljk uses them which could possibly lead into information leak and would permit the attacker to modify the processed data.
Additional info:
See URL filed for Gentoo report. The attached file fixes this problem by using a secure temporary directory together with other issues.
Other sources
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2007-5936?
CVE-2007-5936 is considered a moderate severity vulnerability due to the potential for local attackers to exploit it.
How do I fix CVE-2007-5936?
To fix CVE-2007-5936, update to a version of Dvips that does not utilize the insecure tmpnam() function.
Who is affected by CVE-2007-5936?
CVE-2007-5936 affects users of Dvips, specifically versions prior to 40.3 and certain teTeX and TeX Live 2007 distributions.
What kind of attack does CVE-2007-5936 enable?
CVE-2007-5936 enables local attackers to perform time-dependent attacks by creating temporary files before Dvips uses them.
Is there any workaround for CVE-2007-5936?
A potential workaround for CVE-2007-5936 is to ensure that the Dvips processes run in a secure environment where unauthorized users cannot create temporary files.